In cryptography, a key-agreement protocol is a protocol whereby two (or more) parties generate a cryptographic key as a function of information provided by each honest party so that no party can predetermine the resulting value. In particular, all honest participants influence the outcome. A key-agreement protocol is a specialisation of a key-exchange protocol. At the completion of the protocol, all parties share the same key. A key-agreement protocol precludes undesired third parties from forcing a key choice on the agreeing parties. A secure key agreement can ensure confidentiality and data integrity in communications systems, ranging from simple messaging applications to complex banking transactions. Secure agreement is defined relative to a security model, for example the Universal Model. More generally, when evaluating protocols, it is important to state security goals and the security model. For example, it may be required for the session key to be authenticated. A protocol can be evaluated for success only in the context of its goals and attack model. An example of an adversarial model is the Dolev–Yao model. In many key exchange systems, one party generates the key, and sends that key to the other party; the other party has no influence on the key. == Exponential key exchange == The first publicly known public-key agreement protocol that meets the above criteria was the Diffie–Hellman key exchange, in which two parties jointly exponentiate a generator with random numbers, in such a way that an eavesdropper cannot feasibly determine what the resultant shared key is. Exponential key agreement in and of itself does not specify any prior agreement or subsequent authentication between the participants. It has thus been described as an anonymous key agreement protocol. == Symmetric key agreement == Symmetric key agreement (SKA) is a method of key agreement that uses solely symmetric cryptography and cryptographic hash functions as cryptographic primitives. It is related to symmetric authenticated key exchange. SKA may assume the use of initial shared secrets or a trusted third party with whom the agreeing parties share a secret is assumed. If no third party is present, then achieving SKA can be trivial: we tautologically assume that two parties that share an initial secret and have achieved SKA. SKA contrasts with key-agreement protocols that include techniques from asymmetric cryptography, such as key encapsulation mechanisms. The initial exchange of a shared key must be done in a manner that is private and integrity-assured. Historically, this was achieved by physical means, such as by using a trusted courier. An example of a SKA protocol is the Needham–Schroeder protocol. It establishes a session key between two parties on the same network, using a server as a trusted third party. The original Needham–Schroeder protocol is vulnerable to a replay attack. Timestamps and nonces are included to fix this attack. It forms the basis for the Kerberos protocol. === Types of key agreement === Boyd et al. classify two-party key agreement protocols according to two criteria as follows: whether a pre-shared key already exists or not the method of generating the session key. The pre-shared key may be shared between the two parties, or each party may share a key with a trusted third party. If there is no secure channel (as may be established via a pre-shared key), it is impossible to create an authenticated session key. The session key may be generated via: key transport, key agreement and hybrid. If there is no trusted third party, then the cases of key transport and hybrid session key generation are indistinguishable. SKA is concerned with protocols in which the session key is established using only symmetric primitives. == Authentication == Anonymous key exchange, like Diffie–Hellman, does not provide authentication of the parties, and is thus vulnerable to man-in-the-middle attacks. A wide variety of cryptographic authentication schemes and protocols have been developed to provide authenticated key agreement to prevent man-in-the-middle and related attacks. These methods generally mathematically bind the agreed key to other agreed-upon data, such as the following: public–private key pairs shared secret keys passwords === Public keys === A widely used mechanism for defeating such attacks is the use of digitally signed keys that must be integrity-assured: if Bob's key is signed by a trusted third party vouching for his identity, Alice can have considerable confidence that a signed key she receives is not an attempt to intercept by Eve. When Alice and Bob have a public-key infrastructure, they may digitally sign an agreed Diffie–Hellman key, or exchanged Diffie–Hellman public keys. Such signed keys, sometimes signed by a certificate authority, are one of the primary mechanisms used for secure web traffic (including HTTPS, SSL or TLS protocols). Other specific examples are MQV, YAK and the ISAKMP component of the IPsec protocol suite for securing Internet Protocol communications. However, these systems require care in endorsing the match between identity information and public keys by certificate authorities in order to work properly. === Hybrid systems === Hybrid systems use public-key cryptography to exchange secret keys, which are then used in a symmetric-key cryptography systems. Most practical applications of cryptography use a combination of cryptographic functions to implement an overall system that provides all of the four desirable features of secure communications (confidentiality, integrity, authentication, and non-repudiation). === Passwords === Password-authenticated key agreement protocols require the separate establishment of a password (which may be smaller than a key) in a manner that is both private and integrity-assured. These are designed to resist man-in-the-middle and other active attacks on the password and the established keys. For example, DH-EKE, SPEKE, and SRP are password-authenticated variations of Diffie–Hellman. === Other tricks === If one has an integrity-assured way to verify a shared key over a public channel, one may engage in a Diffie–Hellman key exchange to derive a short-term shared key, and then subsequently authenticate that the keys match. One way is to use a voice-authenticated read-out of the key, as in PGPfone. Voice authentication, however, presumes that it is infeasible for a man-in-the-middle to spoof one participant's voice to the other in real-time, which may be an undesirable assumption. Such protocols may be designed to work with even a small public value, such as a password. Variations on this theme have been proposed for Bluetooth pairing protocols. In an attempt to avoid using any additional out-of-band authentication factors, Davies and Price proposed the use of the interlock protocol of Ron Rivest and Adi Shamir, which has been subject to both attack and subsequent refinement.
SmarterChild
SmarterChild was a chatbot available on AOL Instant Messenger and Windows Live Messenger (previously MSN Messenger) networks. == History == SmarterChild was an apparently intelligent agent or "bot" developed by ActiveBuddy, Inc., with offices in New York and Sunnyvale. It was widely distributed across global instant messaging networks. SmarterChild became very popular, attracting over 30 million Instant Messenger "buddies" on AIM (AOL), MSN and Yahoo Messenger over the course of its lifetime. Founded in 2000, ActiveBuddy was the brainchild of Robert Hoffer and Timothy Kay, who later brought seasoned advertising executive Peter Levitan on board as CEO. The concept for conversational instant messaging bots came from the founder's vision to add natural language comprehension functionality to the increasingly popular AIM instant messaging application. The original implementation took shape as a demo that Kay programmed in Perl in his Los Altos garage to connect a single buddy name, "ActiveBuddy", to look up stock symbols, and later allow AIM users to play Colossal Cave Adventure, a word-based adventure game, and MIT's Boris Katz Start Question Answering System but quickly grew to include a wide range of database applications the company called 'knowledge domains' including instant access to news, weather, stock information, movie times, yellow pages listings, and detailed sports data, as well as a variety of tools (personal assistant, calculators, translator, etc.). None of the individual domains which the company had named “stocksBuddy”, “sportsBuddy”, etc. ever launched publicly. When Stephen Klein came on board as COO — and eventually CEO — he insisted that all of the disparate test “buddies” be launched together with the company’s highly-developed colloquial chat domain. He suggested using “SmarterChild”, a username coined by Tim Kay which Tim was using to test various things. The bundled domains were launched publicly as SmarterChild (on AIM initially) in June 2001. SmarterChild provided information wrapped in fun and quirky conversation. The company generated no revenue from SmarterChild, but used it as a demonstration of the power of what Klein called “conversational computing”. The company subsequently marketed Automated Service Agents—delivering immediate answers to customer service inquiries—-to large corporations, like Comcast, Cingular, TimeWarner Cable, etc. SmarterChild's popularity spawned targeted marketing-oriented bots for Radiohead, Austin Powers, Intel, Keebler, The Sporting News and others. ActiveBuddy co-founders, Kay and Hoffer, as co-inventors, were issued two controversial U.S. patents in 2002. ActiveBuddy changed its name to Colloquis (briefly Conversagent) and targeted development of consumer-facing enterprise customer service agents, which the company marketed as Automated Service Agents. Microsoft acquired Colloquis in October 2006 and proceeded to de-commission SmarterChild and kill off the Automated Service Agent business as well. Robert Hoffer, ActiveBuddy co-founder, licensed the technology from Microsoft after Microsoft abandoned the Colloquis technology.
Energy informatics
Energy informatics is a research field covering the use of information and communication technology to address energy utilization and management challenges. Methods used for "smart" implementations often combine IoT sensors with artificial intelligence and machine learning. Energy Informatics is founded on flow networks that are the major suppliers and consumers of energy. Their efficiency can be improved by collecting and analyzing information. == Application areas == The field among other consider application areas within: Smart Buildings by developing ICT-centred solutions for improving the energy-efficiency of buildings. Smart Cities by investigating the synergies between demand patterns and supply availability of energy flows in cities and communities to improve energy efficiency, increase integration of renewable sources, and provide resilience towards system faults caused by extreme situations, like hurricanes and flooding. Smart Industries including the development of ICT-centred solutions for improving the energy efficiency and predictability of energy intensive industrial processes, without compromising process and product quality. Smart Energy Networks by developing ICT-centred solutions for coordinating the supply and demand in environmentally sustainable energy networks.
Pointer jumping
Pointer jumping or path doubling is a design technique for parallel algorithms that operate on pointer structures, such as linked lists and directed graphs. Pointer jumping allows an algorithm to follow paths with a time complexity that is logarithmic with respect to the length of the longest path. It does this by "jumping" to the end of the path computed by neighbors. The basic operation of pointer jumping is to replace each neighbor in a pointer structure with its neighbor's neighbor. In each step of the algorithm, this replacement is done for all nodes in the data structure, which can be done independently in parallel. In the next step when a neighbor's neighbor is followed, the neighbor's path already followed in the previous step is added to the node's followed path in a single step. Thus, each step effectively doubles the distance traversed by the explored paths. Pointer jumping is best understood by looking at simple examples such as list ranking and root finding. == List ranking == One of the simpler tasks that can be solved by a pointer jumping algorithm is the list ranking problem. This problem is defined as follows: given a linked list of N nodes, find the distance (measured in the number of nodes) of each node to the end of the list. The distance d(n) is defined as follows, for nodes n that point to their successor by a pointer called next: If n.next is nil, then d(n) = 0. For any other node, d(n) = d(n.next) + 1. This problem can easily be solved in linear time on a sequential machine, but a parallel algorithm can do better: given n processors, the problem can be solved in logarithmic time, O(log N), by the following pointer jumping algorithm: The pointer jumping occurs in the last line of the algorithm, where each node's next pointer is reset to skip the node's direct successor. It is assumed, as in common in the PRAM model of computation, that memory access are performed in lock-step, so that each n.next.next memory fetch is performed before each n.next memory store; otherwise, processors may clobber each other's data, producing inconsistencies. The following diagram follows how the parallel list ranking algorithm uses pointer jumping for a linked list with 11 elements. As the algorithm describes, the first iteration starts initialized with all ranks set to 1 except those with a null pointer for next. The first iteration looks at immediate neighbors. Each subsequent iteration jumps twice as far as the previous. Analyzing the algorithm yields a logarithmic running time. The initialization loop takes constant time, because each of the N processors performs a constant amount of work, all in parallel. The inner loop of the main loop also takes constant time, as does (by assumption) the termination check for the loop, so the running time is determined by how often this inner loop is executed. Since the pointer jumping in each iteration splits the list into two parts, one consisting of the "odd" elements and one of the "even" elements, the length of the list pointed to by each processor's n is halved in each iteration, which can be done at most O(log N) time before each list has a length of at most one. == Root finding == Following a path in a graph is an inherently serial operation, but pointer jumping reduces the total amount of work by following all paths simultaneously and sharing results among dependent operations. Pointer jumping iterates and finds a successor — a vertex closer to the tree root — each time. By following successors computed for other vertices, the traversal down each path can be doubled every iteration, which means that the tree roots can be found in logarithmic time. Pointer doubling operates on an array successor with an entry for every vertex in the graph. Each successor[i] is initialized with the parent index of vertex i if that vertex is not a root or to i itself if that vertex is a root. At each iteration, each successor is updated to its successor's successor. The root is found when the successor's successor points to itself. The following pseudocode demonstrates the algorithm. algorithm Input: An array parent representing a forest of trees. parent[i] is the parent of vertex i or itself for a root Output: An array containing the root ancestor for every vertex for i ← 1 to length(parent) do in parallel successor[i] ← parent[i] while true for i ← 1 to length(successor) do in parallel successor_next[i] ← successor[successor[i]] if successor_next = successor then break for i ← 1 to length(successor) do in parallel successor[i] ← successor_next[i] return successor The following image provides an example of using pointer jumping on a small forest. On each iteration the successor points to the vertex following one more successor. After two iterations, every vertex points to its root node. == History and examples == Although the name pointer jumping would come later, JáJá attributes the first uses of the technique in early parallel graph algorithms and list ranking. The technique has been described with other names such as shortcutting, but by the 1990s textbooks on parallel algorithms consistently used the term pointer jumping. Today, pointer jumping is considered a software design pattern for operating on recursive data types in parallel. As a technique for following linked paths, graph algorithms are a natural fit for pointer jumping. Consequently, several parallel graph algorithms utilizing pointer jumping have been designed. These include algorithms for finding the roots of a forest of rooted trees, connected components, minimum spanning trees, and biconnected components. However, pointer jumping has also shown to be useful in a variety of other problems including computer vision, image compression, and Bayesian inference.
Information and media literacy
Information and media literacy (IML) is a combination of information literacy and media literacy. It enables people to show and make informed judgments as users of information and media, as well as to become skillful creators and producers of information and media messages. The transformative nature of IML includes creative works and creating new knowledge; to publish and collaborate responsibly requires ethical, cultural and social understanding. IML is also known as media and information literacy (MIL). UNESCO first adopted the term MIL in 2008 as a "composite concept" combining the competencies of information literacy and media literacy. UNESCO emphasizes the importance of global education in media and information literacy, and in 2013 defined Media and Information Literacy (MIL) as the ability to access, evaluate, use, and create information and media content in critical and ethical ways. Prior to the 1990s, the primary focus of information literacy was research skills. Media literacy, a study that emerged around the 1970s, traditionally focuses on the analysis and the delivery of information through various forms of media. Information literacy, as a skill proposed as early as 1974, centers on an individual's ability to recognize information needs and effectively locate, evaluate, and use information. These days, the study of information literacy has been extended to include the study of media literacy in many countries like the UK, Australia and New Zealand. It is also referred to as information and communication technologies (ICT) in the United States. Educators such as Gregory Ulmer have also defined the field as electracy.Media literacy is the ability to actively inquire into and think critically about information. It includes the ability to understand, evaluate, and create media content, and is an essential skill in today's information society. Livingstone, Van Couvering, and Thumim (2008) described the distinction between media literacy and information literacy: "Media literacy views media as lenses or windows for observing the world and expressing the self, whereas information literacy sees information as a tool for taking action in the world." == Integration of media and information literacy == Historically, the fields of information and media literacy have been separate, but over the course of the 21st century there have been calls to integrate both fields. Most definitions of information and media literacy include not only the abilities to locate, access, and analyze information but also the ability to create information. Only by integrating media literacy with information literacy can students better understand the sources of information and how it is used. Media education has primarily taken place in educational institutions, while information education has primarily occurred in libraries. Discussions surrounding the overlap of information literacy and media literacy came to fruition in the mid-to-late 2000s and 2010s as noted by Marcus Leaning. == In the digital age == The definition of literacy is "the ability to read and write". In practice many more skills are needed to locate, critically assess and make effective use of information. By extension, literacy now also includes the ability to manage and interact with digital information and media, in personal, shared and public domains. Historically, "information literacy" has largely been seen from the relatively top-down, organisational viewpoint of library and information sciences. However the same term is also used to describe a generic "information literacy" skill. The modern digital age has led to the proliferation of information spread across the Internet. Individuals must be able to recognize whether information is true or false and better yet know how to locate, evaluate, use, and communicate information in various formats; this is called information literacy. Towards the end of the 20th century, literacy was redefined to include "new literacies" relating to the new skills needed in everyday experience. "Multiliteracies" recognised the multiplicity of literacies, which were often used in combination. "21st century skills" frameworks link new literacies to wider life skills such as creativity, critical thinking, accountability. What these approaches have in common is a focus on the multiple skills needed by individuals to navigate changing personal, professional and public "information landscapes". As the conventional definition of literacy itself continues to evolve among practitioners, so too has the definition of information literacies. Noteworthy definitions include: Zurkowski defined information literacy as "the ability to find known or knowable content on any subject." CILIP, the Chartered Institute of Library and Information Practitioners, defines information literacy as "the ability to think critically and make balanced judgements about any information we find and use". In the United States, the definition proposed by the Association of College and Research Libraries (ACRL) is the most widely recognized. It defines information literacy as "a set of abilities requiring individuals to recognize when information is needed and to locate, evaluate, and use the needed information effectively." JISC, the Joint Information Systems Committee, refers to information literacy as one of six "digital capabilities", seen as an interconnected group of elements centered on "ICT literacy". Mozilla groups digital and other literacies as "21st century skills", a "broad set of knowledge, skills, habits and traits that are important to succeed in today's world". UNESCO, the United Nations Educational, Scientific and Cultural Organization, recognizing the necessity of teaching and learning both traditional and new types of information, the global importance of education was emphasized in 2008 through the "Teacher Media and Information Literacy (MIL) Curriculum". It defines MIL as a set of competencies that enable citizens to access, retrieve, understand, evaluate, use, create, and share information and media content in all formats through various tools in a critical, ethical, and effective manner, so as to participate in and carry out personal, professional, and social activities. Besides this, UNESCO also asserts information literacy as a "universal human right". == 21st-century students == In modern society, although the overall level of education has improved, the channels for knowledge production and dissemination have become increasingly diverse and commercialized, and traditional authoritative institutions no longer hold a monopoly over knowledge validation. While digital platforms have broadened access to information, they have also weakened trust mechanisms and evaluation standards, making epistemological skepticism a norm. Moreover, with the rise and spread of social media, misinformation and disinformation can be just as easily accessed in both densely and sparsely populated areas. These factors further underscore the importance of information literacy education. The IML learning capacities prepare students to be 21st century literate. According to Jeff Wilhelm (2000), "technology has everything to do with literacy. And being able to use the latest electronic technologies has everything to do with being literate." He supports his argument with J. David Bolter's statement that "if our students are not reading and composing with various electronic technologies, then they are illiterate. They are not just unprepared for the future; they are illiterate right now, in our current time and context". In a broader sense, developing this advanced competency of media and information literacy is essential, as it is crucial for students to exercise their freedom of expression in the 21st century. Wilhelm's statement is supported by the 2005 Wired World Phase II (YCWW II) survey conducted by the Media Awareness Network of Canada on 5000 Grade 4 – 11 students. The key findings of the survey were: 62% of Grade 4 students prefer the Internet. 38% of Grade 4 students prefer the library. 91% of Grade 11 students prefer the Internet. 9% of Grade 11 students prefer the library. Marc Prensky (2001) uses the term "digital native" to describe people who have been brought up in a digital world. The Internet has been a pervasive element of young people's home lives. 94% of kids reported that they had Internet access at home, and a significant majority (61%) had a high-speed connection. By the time kids reach Grade 11, half of them (51 percent) have their own Internet-connected computer, separate and apart from the family computer. The survey also showed that young Canadians are now among the most wired in the world. Contrary to the earlier stereotype of the isolated and awkward computer nerd, today's wired kid is a social kid. In general, many students are better networked through the use of technology than most teachers and parents, who may not understand the abilities of technology.
AI Security Institute
The AI Security Institute (AISI) is a research organisation under the Department for Science, Innovation and Technology, UK, that aims "to equip governments with a scientific understanding of the risks posed by advanced AI". It conducts research and develop and test mitigations. Previously, it was known as the AI Safety Institute. Its creation followed world's first major AI Safety Summit that was held in Bletchley Park in 2023. The institute's professed goal is "building the world's leading understanding of advanced AI risks and solutions, to inform governments so they can keep the public safe". It is designed like a startup in the government "combining the authority of government with the expertise and agility of the private sector". AISI has made access agreements with Anthropic, Google and OpenAI to test their models before release. It has an open source platform called Inspect that permits companies, governments and academics to run standardised safety tests for AI usage. Among the works AISI has done is the reported detection of multiple serious vulnerabilities that could enable development of biological weapons; the vulnerabilities were fixed before the model was launched. It conducts research on diverse fields of AI application. One study by AISI found that LLMs post-trained for political persuasiveness became systematically less accurate and up to 51% more persuasive on political issues. AISI has also worked on the usage of AI for emotional needs. It found that nearly 10 percent of UK citizens used systems like chatbots for emotional purposes on a weekly basis. It found that "systems are now outperforming PhD-level researchers on scientific knowledge tests and helping non-experts succeed at lab work that would previously have been out of reach" in a report published in December 2025. Former chief AI officer of GCHQ Adam Beaumont is the institution's interim director. UK prime minister's AI advisor Jade Leung is the chief technology officer.
Relational data stream management system
A relational data stream management system (RDSMS) is a distributed, in-memory data stream management system (DSMS) that is designed to use standards-compliant SQL queries to process unstructured and structured data streams in real-time. Unlike SQL queries executed in a traditional RDBMS, which return a result and exit, SQL queries executed in a RDSMS do not exit, generating results continuously as new data become available. Continuous SQL queries in a RDSMS use the SQL Window function to analyze, join and aggregate data streams over fixed or sliding windows. Windows can be specified as time-based or row-based. == RDSMS SQL Query Examples == Continuous SQL queries in a RDSMS conform to the ANSI SQL standards. The most common RDSMS SQL query is performed with the declarative SELECT statement. A continuous SQL SELECT operates on data across one or more data streams, with optional keywords and clauses that include FROM with an optional JOIN subclause to specify the rules for joining multiple data streams, the WHERE clause and comparison predicate to restrict the records returned by the query, GROUP BY to project streams with common values into a smaller set, HAVING to filter records resulting from a GROUP BY, and ORDER BY to sort the results. The following is an example of a continuous data stream aggregation using a SELECT query that aggregates a sensor stream from a weather monitoring station. The SELECTquery aggregates the minimum, maximum and average temperature values over a one-second time period, returning a continuous stream of aggregated results at one second intervals. RDSMS SQL queries also operate on data streams over time or row-based windows. The following example shows a second continuous SQL query using the WINDOW clause with a one-second duration. The WINDOW clause changes the behavior of the query, to output a result for each new record as it arrives. Hence the output is a stream of incrementally updated results with zero result latency.